Information Security Testing Engineer

• Join one of Australia's biggest banks - A top 100 ASX listed Company
• Work from home or any of our corporate locations across Australia
• Permanent role + benefits (more info on our website)

About us

With more than 160 years of history, we are proud of our position in the community with more satisfied customers than any other Australian bank.  Every day, we work hard to bring our company purpose to life, feeding into the success of our customers and communities and not off it.

We're more than just a bank with banking products. We change the lives of customers and communities. Commercial actions with heart!

Our time is now. We are challenging the status quo and we're excited about our future!

About the role

Information Security within the Bank uses a business-focused risk-based approach. The Information Security Design, Testing and Assurance Service Team enables and supports business goals by helping to implement and test controls designed to protect the bank.  Click here for more info.

Reporting to the Service Owner of Information Security Testing and Assurance.  You will be responsible for advising technology functions and business units on Information Security with specific focus on the areas of Penetration and Dynamic Application Security Testing (DAST) throughout the organisation to manage risk.

What you will be doing:

• Development and execution of the security testing program in alignment with the Bank’s risk management framework and business strategy. This includes: Dynamic Application Security Testing (DAST) and Penetration Testing and, oversight of compliance to manage information security risk
• Management of the security testing tools used by the bank’s security testing services
• Commissioning and management of external penetration testing engagements
• Provide guidance to technology functions on the identification, prioritisation, and remediation of information security weaknesses within the organisation’s IT assets, architectures, and processes
• Maintain an understanding of information security trends and threat intelligence, ensuring threats and controls are understood
• Provide reporting and metrics relating to the information security testing program and onward reporting of key activities

About you 

You will be familiar with security testing practices and techniques and have an understanding of cloud computing models, technologies, and concepts.  Including a working knowledge of regulatory frameworks such as OWASP, OSSTMM or Information security best practice standards and guidelines, along with Risk Analysis/ Threat Modelling experience.

To be successful in this role you will have:

• Knowledge of PCI, Swift CSP and NPPA penetration testing requirements
• Proven ability in the use of Static and Dynamic Analysis testing tools.
• Relevant experience with security products and concepts
• Experience with design, development and implementation of management frameworks, standards, processes and procedures
• Practical experience with development of policies, values, standards and procedures
• Demonstrated enthusiasm for Information Security (e.g. GitHub repo, blogs, presentations, conference talks, local security association member, participated in free skill-building / hacking contests)

Why us? 

There's so much more to a career with Bendigo and Adelaide Bank than just banking. 

Get real benefits, work life balance and flexibility. You bring your brilliant mind and we’ll help you take your learning to the next level with on the job training and external development opportunities - we want you to shine. After all, YOU are the difference that makes us the better big bank.

At Bendigo and Adelaide Bank we believe a diverse workforce supported by an inclusive culture is central to our success and we actively encourage applications from those who bring diversity of thought to our business. We support candidate requests for adjustment to accommodate an illness, injury or disability to equitably participate in the selection process.

It is a condition of employment with the Bank that you are fully vaccinated against COVID-19, unless you have a medical contraindication or acute illness which prevents you from receiving the vaccine and you provide satisfactory evidence of this to the Bank.

Be quick to apply as applications will be reviewed as they are submitted, and the advert my close before the listed closing date.